package com.mall.common.security;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import com.mall.common.util.AppContext;

public class DefaultAccessDeniedHandler implements AccessDeniedHandler {

	@Override
	public void handle(HttpServletRequest request,
			HttpServletResponse response,
			AccessDeniedException accessDeniedException) throws IOException,
			ServletException {
		if (AppContext.isAjax(request)) {
			response.addHeader("loginStatus", "accessDenied");
			response.sendError(403);
			return;
		}
		response.sendRedirect("/html/error_page_access_denied.html");
	}

}
